RPCMS v3.0.2 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily add an administrator account.
References
Link | Resource |
---|---|
https://github.com/ralap-z/rpcms/issues/2 | Exploit Issue Tracking Third Party Advisory |
Configurations
Information
Published : 2022-10-13 07:15
Updated : 2022-10-14 07:35
NVD link : CVE-2022-41475
Mitre link : CVE-2022-41475
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
rpcms
- rpcms